Because the default certificate that exists on the ASA is self-signed, this message just indicates that the browser can't verify the certificate that is being used. In production, the certificates that should be used on the ASA should be from a trusted Certificate Authority (CA).

To get past this point, the next step must be to create a username, as shown in Table 2.

Table 2: Create a User

1

Create a local username and password combination pair.

asa(config)#username username password password

NOTE

The ASA does have the capability to authenticate users into the WebVPN service from a number of different internal databases, including Single Sign On (SSO) options. For the purpose of this article, a simple local username database is used.

After the user is created, login is possible. Once logged in, the default Clientless SSL VPN homepage is shown (an example of this is shown in Figure 3).